Skip to main content

Iframe attack

An IFrame (which isn't another Apple product - it stands for "inline frame") is just a way of loading one web page inside another, usually from a different server.

Malware writers can make the included page just one pixel square and obfuscate javascript which will run automatically.

Frame code would be inserted by hacking web servers, or adding it to banner advertisements.

Big websites often cache (store) the results of search queries run on their sites - say, the links for a search for "malware IFrame" - and then forward these to search engines such as Google, which can generate search results directly. Malware authors exploit the system by putting in a search query like "malware IFrame" plus all the malicious IFrame's text. If the site doesn't check search terms adequately for obfuscated Javascript, the IFrame data is stored and passed on. When someone then searches for "malware IFrame" and clicks a result, the attack is initiated directly from the search result, because the browser can read the obfuscated Javascript - even if you can't.

Malware distributors like this because they don't need to hack the server, and can use popular searches to benefit from the site's SEO (search engine optimisation) practices and get a high ranking at Google. The attack usually includes half a dozen "drive-by" exploits, and also uses "social engineering" to get users to install something else, such as a video codec that is actually a Trojan. (Source)

Comments

Bill Anderson said…
Adsense is just a big pain and just a little too smart to successfully exploit for long
http://office-phone-system-primer.blogspot.com/
Blogger said…
I'm using AVG protection for a couple of years now, and I'd recommend this product to all of you.
Blogger said…
Using EasyHits4U you can earn free advertising credits by viewing other website-ads from a account base of over 1,200,000 accounts. Earn advertising credits faster with a view for view model.
Blogger said…
BlueHost is definitely the best hosting provider for any hosting plans you might require.

Popular posts from this blog

How to Input Phonetic Symbols (IPA) in Google Docs

You can insert special characters by clicking "Insert" on the menu, then click the "Ω Special Characters", the choose "Latin" category from the drop-down menu, and then Phonetics (IPA) sub-category. Insert Special Characters in Google Docs There is a short-cut for inputting some IPA symbols which you use them frequently. Automatic Substitution in Google Docs similar to Auto Correct in MS Word. You can replace common acronyms, misspellings and other symbols. So you can set auto-replace for your IPA symbols, for example, "e<" for "ɛ", "o/" for "ø", "o>" for "ɔ" etc. Automatic Substitutions in Google Docs

How to stop Freenet?

How to stop or temporally shutdown Freenet? On Windows, you may find "stop freenet" in Freenet Tray. On Ubuntu, or other Linux system, go to your Freenet folder, run a command inside the terminal: FreenetUser@ubuntu:~/Freenet$ ls *.sh run.sh  update.sh You can see run.sh command, run.sh have six options, one of them is to stop the Freenet: FreenetUser@ubuntu:~/Freenet$ ./run.sh ? Usage: ./run.sh { console | start | stop | restart | status | dump } FreenetUser@ubuntu:~/Freenet$ ./run.sh stop Stopping Freenet 0.7... Waiting for Freenet 0.7 to exit... Stopping Freenet 0.7... Stopped Freenet 0.7. This is how you to stop the Freenet on Ubuntu.

Vodafone Router Configuration for Incoming Connection and other Services

This post is about specific Vodafone Home Broadband Router configuration for Incoming Connection and other service on your home computer. This is not a tutorial, and will not be going into details of the services and router configuaration, I just want to point out couple of points you need to pay attention to. 1. Port Forwarding. Vadafone Router has its own name for Port Forwarding, it's called Port Mapping under Port Management category.The picture below shows that I set up web server on my desktop, I map my local address on port 80; and I set up PPTP incoming connection by mapping local address on port 1723. Port Forwarding 2. Exposed Host. If you have set up Port Mapping, you still can't get what you want, then you have to put your device outside the Firewall, i.e. bypass Vodafone Connects (means Router) firewall, in a Demilitarised Zone (DMZ), using it's Exposted Host Function. Static NAT (Network Address Translation) means the Router will translate publi